Re: login -h

mouseCollatz.McRCIM.McGill.EDU

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Walker Aumann: "Re: Race conditions"
• Previous message: Robert M. Haas: "Re: login -h"
• Maybe in reply to: Bonfield James: "login -h"
• Next in thread: Alexander Haiut: "Re: login -h"

> I don't think anyone should rely on wtmp for any kind of security.
> Whatof rsh?

If you're going to be paranoid about security, you should blow away
anything that lets people in unauthenticated, like rsh.

Quite aside from that,

> Its easy enough to do a rsh <host> xterm -ut -display <foo> and avoid
> wtmp detection.

Or more simply, rsh <host> csh -fi, which I have used when for some
reason rlogin didn't work (eg, out of ptys) and I needed a shell on the
machine to fix things.

> The -ut flag tells xterm to not make a entry in utmp and it never
> considers making a wtmp entry.  I suppose because it never has
> permissions to.

xterm is capable of writing a wtmp entry on almost any system on which
it can write utmp entries.  (The exceptions are those where (a) xterm
is not setuid-root, (b) utmp is world writable, and (c) wtmp isn't
world writable.)

> The rsh server would have to make the wtmp entry.  Which is odd it
> doesn't because it does if envoke a shell with it.  Hmmmm...

Given the current wtmp design, it shouldn't write a wtmp entry because
there's nothing to put in the ut_line field.  One could invent
something, I suppose....

					der Mouse

			    mousecollatz.mcrcim.mcgill.edu

• Next message: Walker Aumann: "Re: Race conditions"
• Previous message: Robert M. Haas: "Re: login -h"
• Maybe in reply to: Bonfield James: "login -h"
• Next in thread: Alexander Haiut: "Re: login -h"